A vulnerability, which was classified as problematic, has been found in yetiforcecrm (unknown version). This issue affects an unknown code block of the component Web Page Generation Handler. Applying the patch a062d3d5fecb000db207a2ad8a446db97ad96b89 is able to eliminate this problem. The bugfix is ready for download at github.com.
yetiforcecrm Web Page Generation cross site scripting
- Virtual Patching
- December 14, 2021
- 8:06 pm
Contact us to get started
CVE-2022-32405 : SOURCECODESTER PRISON MANAGEMENT SYSTEM 1.0 VIEW_PRISON.PHP ID SQL INJECTION
Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References
CVE-2022-20651 : CISCO ADAPTIVE SECURITY DEVICE MANAGER LOG FILE
Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker
CVE-2022-32549 : APACHE SLING COMMONS LOG/SLING API NEUTRALIZATION FOR LOGS
Description Apache Sling Commons Log